A Weak Audit Trail is a Database Security Threat

Databases are arguably the heart and soul of any modern organisation. They drive and inform business processes, supply business intelligence, and deliver valuable insights and records. Despite the power and effectiveness of databases, however, they remain very vulnerable. According to a report published by Verizon in 2012, databases have the highest rate of breaches among all business assets. Considering all the sensitive information databases store, why are databases still so easy to attack? The issue most often lies with the misalignment of priorities and funding when it comes to IT security. There is however, a quick fix. With the implementation of strong data governance policy, your organization can reduce its risk and reap more rewards as well. This means piecing together the parts of an effective data strategy, and analysing the driving factors and biggest risks to your databases.

According to a new whitepaper by Imperva, they have identified a weak audit trail as one of the top 10 biggest database security risks. A proper audit trail should collect and archive detailed records of the data stored within your databases, particularly those storing sensitive data like financial or health records. The mistake that most organisations make is assuming that their built in audit trails are sufficient enough to help them stay compliant and secure. Imperva states:

Many enterprises will turn to native audit tools provided by their database vendors or rely on ad-hoc and manual solutions. These approaches do not record details necessary to support auditing… Furthermore, native database audit mechanisms are notorious for consuming CPU and disk resources forcing many organizations to scale back or eliminate auditing altogether. Finally, most native audit mechanisms are unique to a database server platform… For organizations with heterogeneous database environments, this imposes a significant obstacle to implementing uniform, scalable audit processes.

In other words native or built-in audit trails burden an organisations current systems. They also have limited visibility and access. Additionally they only work with one specific database, which doesn’t do organisations with multiple databases much good, because these audit trails don’t give full picture of your organisation.

A weak audit trail is also not sufficient enough to keep you compliant. This goes specifically for those in industries such as the financial or medical industries. There are many government regulations that directly address the audit and storage of sensitive data records. Imperva elaborates:

Organizations with weak (or sometimes non-existent) database audit mechanisms will increasingly find that they are at odds with industry and government regulatory requirements. For example, Sarbanes-Oxley (SOX), which protects against accounting errors and fraudulent practices, and the Healthcare Information Portability and Accountability Act (HIPAA) in the healthcare sector, are just two examples of regulations with clear database audit requirements.

To recap, organisations often suffer from security breaches do to the following reasons:

Funding

Resources going to the wrong security applications

IT professionals misallocating priorities

Weak Data Trail

Native audit trails burden current systems

Native audit trails lack full capacity to track individual records in their entirety

Weak audit trails increase risk of being found non-compliant

So what can you do to increase security on your databases in 2014? First of all, do an audit of your current security practices and applications. Then make sure you do your research, including reading the whitepaper mentioned several times above provided by Imperva. And lastly, resolve the issue of a weak audit trail now by investing in an independent data audit trail.

An independent data audit trail will track each individual data record created, changed, or destroyed by any application, and archive it for access at any time in the future. Best of all it is easily searchable and completely separate from your current systems and databases so it doesn’t consume CPU or your current resources. Find out more below.